Legal Services
Report WP9-03i
Version 2.0
April 2004
© Cornwall County Council for the National Smart Card Project
2 Book name
WP9-03i – Legal Services v2.0 release 30/04/2004
Revision History
Document Version / Date / Author / Description of Changes1.0 / 31/03/04 / Smartex Limited / Final
2.0 / 30/04/04 / Editorial Board / Abstract
Abstract
This document and all related WP9 specification documents have been developed by the NSCP to aid those considering the introduction of a multi-application smart card scheme. It is not the intention that they should be followed in a prescriptive way, but used as a basis for scheme development.
In line with central government policy development on e-government, Local Authorities are developing initiatives with regard to e-democracy and electronic voting, especially in conjunction with their smart card projects.
Currently, there is considerable debate in the public domain associated with electronic voting and democracy, which has not yet firmed into any local or national core principles, guidelines on how an electronic voting system should function.
The service facility on a local authority smart card, outlined in this document covers two specific areas which can be incorporated into a smart card scheme, namely:
o Voter registration, in person and on-line
o actual vote casting, both local and remote.
This document provides functional outlines for how such service(s), delivered through a chip card, can be developed to address and cover some of the issues, flexibly and reliably.
Preface
Objectives
The National Smartcard Project (Work Package 9 – Smart Card Starter Pack) has the key objective to prepare a starter pack usable by local authorities to deliver a smart card scheme in their areas quickly and cost-effectively.
Scope
The scope of this document was agreed in the acceptance of the following documents:
o National Smart Card – Functional Requirements – Proposed Content – v1.0
o National Smart Card – Functional Requirements – Proposed Content – Addendum to Version 1.0
This document provides:
o Scheme - Schematic architecture showing:
· Local Government Offices
o Chip Map – Legal Services – Electronic Voting
o Chip Acceptor Requirements
o Functions
· Electronic Voting
o Registration
o Vote casting
· Remote, on-line
· At polling station
o Interface to Central Host
NOT included are
o Licences (Market Stalls, Pubs etc)
o Other legal services
Assumptions
It is assumed that the National Smartcard will be based upon an off-line smart architecture.
The functional requirements do not presume:
o The chip and/or platform
o The Security Architecture other than it is assumed that there will be a SAM in the chip acceptor
o The standards for the purses
o The standards for transportation ticketing
The chip maps contained within these Functional Requirements are only indicative of the minimum business functional requirements:
o The need for certain minimum data elements
o The need for certain minimum data firewalls
o Do not specify any data formats, data lengths, or data values unless they are part of a standard or an emerging standard.
As indicated above it is important to note that this document and its content should be used as a basis for smart card scheme development and not necessarily used in a prescriptive manner.
Issues
None.
Related Documents
Document / Description /CEN URI CWA 13987-1 / Smart Card Systems
Interoperable Citizen Services
User Related Information (based on DISTINCT)
Definition of User Related Information
CEN URI CWA 13987-2 / Smart Card Systems
Interoperable Citizen Services
User Related Information (based on DISTINCT)
Implementation Guidelines
CEN URI CWA 13987-3 / Smart Card Systems
Interoperable Citizen Services
User Related Information (based on DISTINCT)
Guidelines to Creating, Operating and maintaining an Interoperable Network
EN 1332-4 / Special Needs Codes
Physical Poll Needs Codes
ISO 639 (1988) / Language Codes
ISO 3166-1 (1977) / Country Codes
ISO 5218 (1977) / Gender Codes
ISO 7812 / Identification Cards
Numbering System and Registration Procedure for Issuer Identifiers
ISO 7816-1 / Identification Cards
Integrated Circuit(s) Cards with Contacts
Part 1 – Physical Characteristics
ISO 7816-2 / Identification Cards
Integrated Circuit(s) Cards with Contacts
Part 2 – Dimensions and Location of the Contacts
ISO 7816-3 / Identification Cards
Integrated Circuit(s) Cards with Contacts
Part 3 – Electronic Signals and Transmission Protocols
ISO 7816-4 / Identification Cards
Integrated Circuit(s) Cards with Contacts
Part 4 – Inter-Industry Commands for Interchange
ISO 8601 (1988) / Date Formats
ISO 10646-1 / Character Sets
ISO 14443-1 / Identification Cards
Contactless Integrated Circuits Cards
Proximity Integrated Circuits Cards
Part 1 – Physical Characteristics
ISO 14443-2 / Identification Cards
Contactless Integrated Circuits Cards
Proximity Integrated Circuits Cards
Part 2 – Radio Frequency Power and Signal Interface
ISO 14443-3 / Identification Cards
Contactless Integrated Circuits Cards
Proximity Integrated Circuits Cards
Part 3 – Frames and Anti-Collision for Type A
ISO 14443-4 / Identification Cards
Contactless Integrated Circuits Cards
Proximity Integrated Circuits Cards
Part 4 – Inter-Industry Commands for Interchange
NSCP01 / Scheme Architecture & Host
NSCP02 / Terminals & Devices
NSCP03 / Core Functions
NSCP04 / Arts & Culture Services
NSCP05 / Education Services
NSCP06 / Personnel Services
NSCP07 / Travel Services
NSCP08 / Legal Services - Electronic voting Services
NSCP10 / Social Services
NSCP11 / Sport & Amenity Services
NSCP12 / Tourist Services
NSCP13 / Standards, Type Approval & Certification
Contents
Revision History 1
Abstract 2
Preface 3
Objectives 3
Scope 3
Assumptions 4
Issues 4
Related Documents 4
Contents 7
1. Service Overview 9
1.1. Overview 9
1.2. Schematic 10
1.2.1. Local Government Networks & Terminals 10
1.3. Assumption 10
2. CHIP Map – Electronic Voting 11
2.1. Overview 11
2.2. Chip Map Specifics 11
3. Chip Acceptor Requirements 13
3.1. Overview 13
3.2. Card Reader 13
3.3. Card Validation 13
3.4. Terminal Verification 14
3.5. Cardholder Verification 15
3.6. Transaction generation 15
3.6.1. Transactions at Registration 15
3.6.1.1. Card Update at Registration 15
3.6.1.2. Central Host Update at Registration 15
3.6.2. Transactions at Voting 16
3.6.2.1. Card Update at Voting 16
3.6.2.2. Central Host Update at Voting 16
4. Functions 17
4.1. Overview 17
4.2. Voter Registration 17
4.3. Voting 18
4.3.1. Physical Presentation to Vote 18
4.3.2. Electronic Presentation to Vote 18
5. Interface to Central Host 19
5.1. Communications Management 19
5.2. Transaction Management 19
5.3. Settlement Management 19
5.4. Risk Management 20
5.5. Management Reports 20
5.6. Hot Card Files 20
Appendix A – Card Numbering 21
Appendix A1 – Luhn Check Digit Algorithm 21
Appendix B- Glossary 23
-1-
WP9-03i – Legal Services v2.0 release 30/04/2004
1. Service Overview
1.1. Overview
In line with central government policy development on e-government, Local Authorities are also developing initiatives with regard to e-democracy and electronic voting, especially in conjunction with their smart card projects.
Currently, there is enormous debate in the public domain about the:
o Principles
o Acceptability
o Problems
o Issues
o Etc.,
associated with electronic voting and democracy, which has not yet firmed into any local or national core principles, guidelines on how an electronic voting system should function.
The service facility on a local authority smart card, outlined in this chapter covers two specific areas which can be incorporated into a smart card scheme, namely:
o Voter registration, in person and on-line
o actual vote casting, both local and remote.
This document provides functional outlines for how such service(s), delivered through a chip card, can be developed to address and cover some of the issues, flexibly and reliably.
Comment
While core principles and guidelines are not yet established in the public domain with regard to Electronic Voting, this specification utilises features of smart card technology which are already being used in secure areas of the banking and payments industry. These key principles are:
1. Is this a valid card?
2. Being used by the right person?
3. In the right place?
4. At the right time?
It is noted that in amongst the wealth of material in the public debate on electronic voting a key requirement is that voting should become a ‘virtual’’ world activity, but must nevertheless be secure, robust and reliable. Again smart card technology can assist this enormously
1.2. Schematic
1.2.1. Local Government Networks & Terminals
1.3. Assumption
It is assumed that the registering agent or authority, not the scheme operator, will satisfy himself that the cardholder does indeed qualify as a voter before setting up an Electronic Voting service in the smart card.
2. CHIP Map – Electronic Voting
2.1. Overview
The objective of this chapter is to describe the minimum data that is required for the Legal Services – Electronic voting sub-system(s).
The card data elements covered below, to be held in the card, within the chip map area allocated for Legal Services - Electronic voting, will be those elements, additional to the standard ones held in the card shell, that are required for the delivery of the Legal Services - Electronic voting services listed above.
2.2. Chip Map Specifics
The tables below indicate the data elements that are required in the chip map of the scheme smart card, to allow the delivery of ONE electronic voting service i.e. facility to vote in ONE poll.
It is quite feasible that one cardholder would have entitlement to more than one vote e.g. for a local Councillor, for a local MP, a referendum. Therefore the chip map needs to allow for multiple electronic voting service records – one for each poll / referenda – up to a maximum of, say, 10.
FIELD / NOTES /Service Code / Code for this service within the scheme
Status / Service enabled or not? e.g. 0 = No, 1 = Yes
Poll Code / Code for a particular poll
Voter ID / Cardholder’s voting number, reference
Start Date / Date on which this service will begin
Default to
o today’s date, or
o first polling day
Expiry Date / Date on which this service expires
Default to
o today’s date + ‘n’ days, as appropriate, or
o last polling day
Vote Indicator / 0 = no vote made (default)
1 = cardholder has voted
Transaction date/time / Date and time that vote was cast
Polling station ID / 0 = No vote cast
1 = on-line vote
‘n’ = physical polling station number ID
In addition, other general data elements in the card, elements in the shell area of the chip map, which are not specific to any particular service, should be available to the processing of the Electronic voting service e.g.
FIELD / NOTESCard Number
Card Expiry date / CEN end of validity date
Card Security date
Biometric check / For authentication of Cardholder ID
3. Chip Acceptor Requirements
3.1. Overview
The chip acceptor device needs to:
o Read the card by contact interface
o Establish that the card is a valid scheme card, valid for this service
o Perform cardholder verification
o Generate a transactions for
§ onward transmission to the Central Host system
§ card and service update
3.2. Card Reader
The chip acceptor/card reader will read the card by contact interface and be able to:
§ Display error messages
§ Be able to indicate that it is ready and working
3.3. Card Validation
The chip acceptor device should be configured / programmed to validate the card presented to it in contact mode by performing the following checks:
o Read the card number, recorded internally within the card chip map – the same number that is usually, but not necessarily, printed on the face of the card.
o Apply the Luhn check algorithm (Appendix A1) to the card number
§ If the card number does NOT pass the Luhn check, then, Poll is denied with a suitable message e.g. ‘Poll denied - Invalid Card’
§ If the card number checks out OK, then the card is accepted as valid and the system proceeds to the next step.
o Check for a HOT card number, by reference to the Central Host system
§ If the card number is HOT, then, Poll is denied with a suitable message e.g. ‘Poll denied - Hot card ’
§ If the card is NOT hot, then proceed to the next step.
o Check that the Card is valid for Electronic voting, by reading the Legal Services - Electronic voting Service record(s) that are in the card, seeking a match on Poll ID:
§ If no match on Poll ID is found, then, voting is denied with a suitable message e.g. ‘Card not valid for this Poll’
§ If the card is valid for Poll, then the system proceeds to the next step.
o Check that the Service is enabled by reading the Status indicator in Legal Services - Electronic voting Service record(s) that are in the card:
§ If the status is not OK, then, voting is denied with a suitable message e.g. ‘Service not enabled for this Poll’
§ If the card is valid for Poll, then the system proceeds to the next step.
o ‘Check for Expired Card by reading the card expiry/security date in the shell area of the chip map and comparing it against today’s date:
§ If the card is expired, then, voting is denied with a suitable message e.g. ’Expired card ’
§ If the card is NOT expired, then the system proceeds to the next step.
o Check for Expired Service. by reading the appropriate service record and checking the expiry date against today’s date:
§ If the service has expired, then, voting is denied with a suitable message e.g. ‘Expired electronic voting Service ’
§ If the service has NOT expired, the system proceeds to the next step.
o Check the Vote indicator on the service record, to ensure that the cardholder has not voted already:
§ If vote indicator is set, then voting is denied with a suitable message e.g. ‘Cardholder has already voted’
§ If the vote indicator has not been set, i.e. still 0, the card and the service are accepted as valid and the system proceeds to the next steps and Polling processes.
3.4. Terminal Verification
The ID of the device or terminal in which the card reader/ chip acceptor sits, once it has been matched against the Polling station ID, as identified in the Electronic service record in the card, must be passed to the Central Host system with the transaction for back-office storage and analysis.